Cyber Incident Victim: Simon Fraser University
Date:
Feb 2021
Location:
Canada
Summary
Simon Fraser University experienced a cyberattack compromising a server containing personal information of approximately 200,000 current and former students, faculty, staff, and applicants. The breach exposed student and employee ID numbers alongside academic or admissions data, though financial details and passwords remained secure. The institution isolated the affected server upon discovery by IT staff. This incident follows a prior ransomware attack impacting around 250,000 community members, occurring as the university strengthens security measures against escalating sophisticated threats. Affected individuals were advised to monitor accounts for unusual activity despite assessed low identity theft risk.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 5, 2021, Simon Fraser University’s Information Technology Services staff discovered a cyberattack targeting one of the institution’s servers. The university promptly isolated the compromised server to contain the breach. Investigations revealed the server stored personal information of approximately 200,000 individuals, including current and former students, faculty, staff, and student applicants. Exposed data consisted of student or employee ID numbers paired with at least one additional piece of information, such as admissions status or academic standing records. The university confirmed the breach did not compromise banking details, social insurance numbers, or passwords. SFU characterized the incident as part of a broader trend of increasingly sophisticated cyberattacks targeting its systems despite ongoing security enhancements.
The university began notifying affected individuals with current email addresses on file, directing them to an online portal where they could verify their exposure using their ID numbers. While SFU assessed the risk of identity theft as low, it advised impacted individuals to monitor their personal accounts and memberships for unusual activity over subsequent months. This incident followed a February 27, 2020 ransomware attack that had compromised data belonging to approximately 250,000 students, faculty, and alumni, underscoring persistent cybersecurity challenges faced by the institution. No ransom demands or specific attacker attribution were disclosed in the 2021 breach. The university’s public statement emphasized operational containment measures but did not detail forensic findings or long-term remediation plans beyond initial notifications.